package com.huilan.hgt.config;

import com.huilan.hgt.entity.Role;
import com.huilan.hgt.entity.User;
import com.huilan.hgt.service.UserRoleService;
import com.huilan.hgt.service.UserService;
import com.huilan.hgt.service.impl.UserRoleServiceImpl;
import com.huilan.hgt.service.impl.UserServiceImpl;
import com.huilan.hgt.util.MD5Util;
import com.huilan.hgt.util.SpringUtil;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;


/**
 * 自定义身份验证器
 * @author ghy
 */
public class CustomAuthenticationProvider implements AuthenticationProvider {

    private UserService userService;

    private UserRoleService userRoleService;

    @Resource
    private SessionRegistry sessionRegistry;

    @Override
    public Authentication authenticate(Authentication authentication) {
        // 获取认证的用户名 & 密码
        String username = authentication.getName();
        String password = authentication.getCredentials().toString();

        if(userService == null ){
            userService = SpringUtil.getBean(UserServiceImpl.class);
        }

        if(userRoleService == null ){
            userRoleService = SpringUtil.getBean(UserRoleServiceImpl.class);
        }

        User user = userService.getUserByName(username);
        if(user!=null){
            if(user.getPassword().equals(MD5Util.encryption(password))){

                //根据用户ID查询该用户角色
                List<Role> roleList = userRoleService.getRoleListByUserId(user.getUserId());

                // 这里设置权限和角色
                ArrayList<GrantedAuthority> authorities = new ArrayList<>();
                for(Role role:roleList){
                    authorities.add(new SimpleGrantedAuthority(role.getRoleCode()));
                }

                // 生成令牌
                return new UsernamePasswordAuthenticationToken(user, password,authorities);
            }else{
                throw new BadCredentialsException("用户名或密码错误，请重新输入！");
            }
        }else {
            throw new UsernameNotFoundException("用户不存在，请重新输入! ");
        }
    }

    /**
     *  是否可以提供输入类型的认证服务
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }
}
